$OpenBSD: patch-src_verify_c,v 1.1 2015/06/25 14:44:30 gsoares Exp $

disable OpenSSL 1.0.2 X509_check_* functions, so it can build with libressl.


--- src/verify.c.orig	Fri Jun 12 12:45:00 2015
+++ src/verify.c	Fri Jun 12 12:47:35 2015
@@ -50,7 +50,7 @@ NOEXPORT int add_dir_lookup(X509_STORE *, char *);
 NOEXPORT int verify_callback(int, X509_STORE_CTX *);
 NOEXPORT int verify_checks(CLI *, int, X509_STORE_CTX *);
 NOEXPORT int cert_check(CLI *, X509_STORE_CTX *, int);
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
 NOEXPORT int cert_check_subject(CLI *, X509_STORE_CTX *);
 #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
 NOEXPORT int cert_check_local(X509_STORE_CTX *);
@@ -285,7 +285,7 @@ NOEXPORT int cert_check(CLI *c, X509_STORE_CTX *callba
     }
 
     if(depth==0) { /* additional peer certificate checks */
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
         if(!cert_check_subject(c, callback_ctx))
             return 0; /* reject */
 #endif /* OPENSSL_VERSION_NUMBER>=0x10002000L */
@@ -296,7 +296,7 @@ NOEXPORT int cert_check(CLI *c, X509_STORE_CTX *callba
     return 1; /* accept */
 }
 
-#if OPENSSL_VERSION_NUMBER>=0x10002000L
+#if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
 NOEXPORT int cert_check_subject(CLI *c, X509_STORE_CTX *callback_ctx) {
     X509 *cert=X509_STORE_CTX_get_current_cert(callback_ctx);
     NAME_LIST *ptr;
